Create WebgoatContext in HammerHead, rather than WebSession

Now webgoatContext should effectively be a singleton, shared across
all WebSession instances. WebSession now initialises from WebgoatContext.

WebSession methods that refer to static "site wide" properties are deeted
and references to them updated to point to WebgoatContext


git-svn-id: http://webgoat.googlecode.com/svn/trunk@141 4033779f-a91e-0410-96ef-6bf7bf53c507

webgoat/main/project/JavaSource/org/owasp/webgoat/HammerHead.java

@@ -24,6 +24,7 @@ import org.owasp.webgoat.session.ErrorScreen;
 import org.owasp.webgoat.session.Screen;
 import org.owasp.webgoat.session.UserTracker;
 import org.owasp.webgoat.session.WebSession;
+import org.owasp.webgoat.session.WebgoatContext;
 
 /*******************************************************************************
  * 
@@ -79,6 +80,12 @@ public class HammerHead extends HttpServlet
      */
     public static String propertiesPath = null;
 
+    /**
+     * provides convenience methods for getting setup information 
+     * from the ServletContext
+     */
+    private WebgoatContext webgoatContext = null;
+    
 
     /**
      * Description of the Method
@@ -289,6 +296,7 @@ public class HammerHead extends HttpServlet
 	httpDateFormat.setTimeZone(TimeZone.getTimeZone("GMT"));
 	propertiesPath = getServletContext().getRealPath(
 		"./WEB-INF/webgoat.properties");
+	webgoatContext = new WebgoatContext(this);
     }
 
 
@@ -481,7 +489,7 @@ public class HammerHead extends HttpServlet
 	{
 	    // Create new custom session and save it in the HTTP session
 	    // System.out.println( "HH Creating new WebSession: " );
-	    session = new WebSession(this, context);
+	    session = new WebSession(webgoatContext, context);
 	    hs.setAttribute(WebSession.SESSION, session);
 	    // reset timeout
 	    hs.setMaxInactiveInterval(sessionTimeoutSeconds);